From b77437226f8d226e318ca7b1de796077eba73f82 Mon Sep 17 00:00:00 2001
From: Khalim Conn-Kowlessar
Date: Wed, 5 Jul 2023 18:46:43 +0100
Subject: [PATCH] Added github actions deployment script
---
.../terraform/.github/workflows/deploy.yml | 61 +++++++++++++++++++
1 file changed, 61 insertions(+)
create mode 100644 infrastructure/terraform/.github/workflows/deploy.yml
diff --git a/infrastructure/terraform/.github/workflows/deploy.yml b/infrastructure/terraform/.github/workflows/deploy.yml
new file mode 100644
index 00000000..f1669941
--- /dev/null
+++ b/infrastructure/terraform/.github/workflows/deploy.yml
@@ -0,0 +1,61 @@
+name: CI/CD Pipeline
+
+on:
+ pull_request:
+ branches:
+ - main
+ - dev
+ - prod
+
+jobs:
+ deploy:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v2
+
+ - name: Setup Terraform
+ uses: hashicorp/setup-terraform@v1
+ with:
+ terraform_version: 1.0.5
+
+ - name: Configure AWS credentials (DevAdmin)
+ uses: aws-actions/configure-aws-credentials@v1
+ with:
+ aws-access-key-id: ${{ secrets.DEV_AWS_ACCESS_KEY_ID }}
+ aws-secret-access-key: ${{ secrets.DEV_AWS_SECRET_ACCESS_KEY }}
+ aws-region: eu-west-2
+ role-to-assume: arn:aws:iam::account-id:role/role-name-with-path
+ env:
+ AWS_PROFILE: "DevAdmin"
+
+ - name: Terraform Init
+ run: terraform init
+
+ - name: Terraform Plan
+ run: terraform plan -var-file=${{ github.event.pull_request.base.ref }}.tfvars
+
+ - name: Terraform Workspace
+ run: terraform workspace new ${{ github.event.pull_request.base.ref }}
+
+ - name: Deploy to Dev
+ if: github.event.pull_request.base.ref == 'dev' && github.event.pull_request.merged == true
+ run: terraform apply -var-file=dev.tfvars -auto-approve
+ env:
+ name: dev
+
+ - name: Configure AWS credentials (ProdAdmin)
+ uses: aws-actions/configure-aws-credentials@v1
+ with:
+ aws-access-key-id: ${{ secrets.PROD_AWS_ACCESS_KEY_ID }}
+ aws-secret-access-key: ${{ secrets.PROD_AWS_SECRET_ACCESS_KEY }}
+ aws-region: eu-west-2
+ role-to-assume: arn:aws:iam::account-id:role/role-name-with-path
+ env:
+ AWS_PROFILE: "ProdAdmin"
+
+ - name: Deploy to Prod
+ if: github.event.pull_request.base.ref == 'prod' && github.event.pull_request.merged == true
+ run: terraform apply -var-file=prod.tfvars -auto-approve
+ env:
+ name: prod
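Review bot: The `Configure AWS credentials (ProdAdmin)` step carries no `if:`, so the production keys are loaded into the job on every pull-request run, including ones targeting `main` or `dev`; it should be gated with the same condition as `Deploy to Prod`, `if: github.event.pull_request.base.ref == 'prod' && github.event.pull_request.merged == true`. The trigger is also at odds with the deploy conditions: `on: pull_request` without `types: [closed]` fires on the default opened/synchronize/reopened activity, where `merged` is false, so both `terraform apply` steps look unreachable while `terraform init` and `terraform plan` still run the pull request's Terraform with the DevAdmin credentials. Adding `types: [closed]` under `pull_request:` (or moving the apply steps to a `push` trigger on the protected branches) would line the trigger up with the conditions and keep admin credentials away from unmerged code. The two `run:` lines that expand `${{ github.event.pull_request.base.ref }}` directly into the shell would be safer reading it from a step-level `env:` variable, and `actions/checkout@v2`, `hashicorp/setup-terraform@v1` and `aws-actions/configure-aws-credentials@v1` are mutable tags that could be pinned to commit SHAs.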